Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
IAB gives dotless domains the thumbs down
The Internet Architecture Board believes dotless domain names would be “inherently harmful to Internet security.”
The IAB, the oversight committee which is to internet technical standards what ICANN is to domain names, weighed into the debate with an article apparently published yesterday.
In it, the committee states that over time dotless domains have evolved to be used only on local networks, rather than the internet, and that to start delegating them at the top level of the DNS would be dangerous:
most users entering single-label names want them to be resolved in a local context, and they do not expect a single name to refer to a TLD. The behavior is specified within a succession of standards track documents developed over several decades, and is now implemented by hundreds of millions of Internet hosts.
…
By attempting to change expected behavior, dotless domains introduce potential security vulnerabilities. These include causing traffic intended for local services to be directed onto the global Internet (and vice-versa), which can enable a number of attacks, including theft of credentials and cookies, cross-site scripting attacks, etc. As a result, the deployment of dotless domains has the potential to cause significant harm to the security of the Internet
The article also says (if I understand correctly) that it’s okay for browsers to interpret words entered into address bars without dots as local resources and/or search terms rather than domain names.
It’s pretty unequivocal that dotless domains would be Bad.
The article was written because there’s currently a lot of talk about new gTLD applicants — such as Google, Donuts and Uniregistry — asking ICANN to allow them to run their TLDs without dots.
There’s a ban in the Applicant Guidebook on the “apex A records” that would be required to make dotless TLDs work, but it’s been suggested that applicants could apply to have the ban lifted on a case by case basis.
More recently, ICANN’s Security and Stability Advisory Committee has stated almost as unequivocally as the IAB that dotless domains should not be allowed.
But for some reason ICANN recently commissioned a security company to look into the issue.
This seems to have made some people, such as the At Large Advisory Committee, worried that ICANN is looking for some wiggle room to give its new gTLD paymasters what they want.
Alternatively, ICANN may just be looking for a second opinion to wave in the faces of new gTLD registries when it tells them to take a hike. It was quite vague about its motives.
It’s not just a technical issue, of course. Dotless TLDs would shake up the web search market in a big way, and not necessarily for the better.
Donuts CEO Paul Stahura today published an article on CircleID that makes the case that it is the browser makers, specifically Microsoft, that are implementing DNS all wrong, and that they’re objecting to dotless domains for competitive reasons. The IAB apparently disagrees, but it’s an interesting counterpoint nevertheless.
DomainsBot takes its new gTLD spinner to registries
DomainsBot has started promoting its domain name suggestion services to new gTLD registries.
Announced today, its new TLD Recommendation Engine for Registries is designed to make TLD suggestions more relevant when people are hunting for a new domain name.
It’s a sister service to the TLD Recommendation Engine for Registrars that, as we reported last week, DomainsBot hopes to have in place on many of the major registrars’ storefronts when new gTLDs launch.
After last week’s news, Domain Name Wire did a test of its demo and found it lacking in certain areas, such as failing to offer a .accountant domain to a query containing “CPA”.
DomainsBot CEO Emiliano Pasqualetti told DI that the service being announced today will help TLD registries avoid this kind of problem.
In consultation with DomainsBot, they’ll be able to more accurately define the meaning of their TLD string, improving the relevancy of DomainsBot’s results and potentially not missing out on sales.
Under the hood, it’s based on a database of all the existing second-level domains in existence today. DomainsBot wants to connect each second-level string to relevant results in new gTLDs.
“My goal is to pre-classify every existing second-level domain before new gTLDs go live,” Pasqualetti said.
The service is not free, of course. The cheapest tier has an introductory price of $1,000 per month, which Pasqualetti said will go up in future.
It’s “pay for relevancy” rather than “pay for display”, he said. “I’m not saying if you pay me I will display .cpa every time.”
MinardosGroup, which has applied for .build, .construction and .expert, has already signed on to use the service, according to a DomainsBot press release.
Report names and shames most-abused TLDs
Newish gTLDs .tel and .xxx are among the most secure top-level domains, while .cn and .pw are the most risky.
That’s according to new gTLD services provider Architelos, which today published a report analyzing the prevalence of abuse in each TLD.
Assigning an “abuse per million domains” score to each TLD, the company found .tel the safest with 0 and .cn the riskiest, with a score of 30,406.
Recently relaunched .pw, which has had serious problems with spammers, came in just behind .cn, with a score of 30,151.
Generally, the results seem to confirm that the more tightly controlled the registration process and the more expensive the domain, the less likely it is to see abuse.
Norway’s .no and ICM Registry’s .xxx scored 17 and 27, for example.
Surprisingly, the free ccTLD for Tokelau, .tk, which is now the second-largest TLD in the world, had only 224 abusive domains per million under management, according to the report..
Today’s report ranked TLDs with over 100,000 names under management. Over 90% of the abusive domains used to calculate the scores were related to spam, rather than anything more nefarious.
The data was compiled from Architelos’ NameSentry service, which aggregates abusive URLs from numerous third-party sources and tallies up the number of times each TLD appears.
The methodology is very similar to the one DI PRO uses in TLD Health Check, but Architelos uses more data sources. NameSentry is also designed to automate the remediation workflow for registries.
Key-Systems to take a loss on .hiv domains
Key-Systems said yesterday that it plans to make .hiv domain names available at “below net cost price”, in solidarity with would-be new gTLD registry dotHIV.
The registrar said it will also offer free .hiv names at launch to organizations involving in fighting the virus via its Moniker and domaindiscount24.com retail registrars.
dotHIV, also a German company, plans to donate all of its profits to HIV/AIDs charities.
Its application is uncontested and has already passed Initial Evaluation, but is the target of Governmental Advisory Committee advice, which has put its bid on hold.
Despite this uncertainty, Key-Systems said it expects the Sunrise phase for .hiv to start in December.
.CO Internet looking for more registrars
.CO Internet is expanding its registrar channel with a new Request For Proposals.
The company wants would-be registrars to respond with the commitments they’re willing to make to market and promote .co domains, particularly in markets where .co is not currently popular.
Only ICANN-accredited registrars need apply.
Amusingly, registrars also need to be specifically accredited to sell .biz domains. Presumably this is due to .CO’s relationship with back-end provider Neustar, which also runs .biz.
The company has about 30 registrars right now, but many of those operate very large reseller networks, so there’s no shortage of places to buy a .co if you want one.
.CO deliberately kept its registrar numbers low — only 10 at launch — in order to cut down on abuse and to keep a tighter leash on gaming during the 2010 landrush process.
The RFP can be found here.
Governments kill off Patagonia’s dot-brand bid
The clothing retailer Patagonia has withdrawn its application for .patagonia after it became clear that ICANN’s Governmental Advisory Committee was unlikely to allow it.
Controversial from the outset, Patagonia’s dot-brand came under fire from governments including Argentina and Chile because the company is named after a large region of Latin America.
The GAC couldn’t find a consensus for a full-on objection to the bid, however, because the US government refused to agree that governments should have rights over such geographic terms.
However the US said last week that it would stand neutral on .patagonia and other geographic-flavored applications at next week’s ICANN meeting in Durban, smoothing the path to GAC consensus.
A GAC consensus objection would have spelled certain death to the application.
Amazon’s .amazon application is in exactly the same position as .patagonia was. Unless the company can come to some kind of arrangement with Brazil and over governments it may suffer the same fate.
First three new gTLD objections thrown out
Three objections against new gTLD applications have been thrown out by the World Intellectual Property Organization, two of them on the basis that they were blatant attempts to game the system.
The objections were all Legal Rights Objections. Essentially, they’re attempts by the objectors to show that for ICANN to approve the gTLD would infringe their existing trademark rights.
The applications being objected to were Google’s .home, SC Johnson’s .rightathome and Vipspace Enterprises .vip.
The decisions are of course completely unprecedented. No LROs have ever been decided before.
Let’s look at each in turn.
Google’s .home
The objector here was Defender Security Company, a home security company, which has also applied for .home and has objected to nine of its competitors for the string.
Basically, the objection was thrown out (pdf) because it was a transparent attempt to game the trademark system in order to secure a potentially lucrative gTLD.
Defender appears to have bought the application, along with associated companies, domains, social media accounts and trademarks, from CGR E-Commerce, a company owned by .music applicant Constantine Roussos.
The panelist in the case apparently doesn’t have a DomainTools subscription and couldn’t make the Roussos link from historical Whois records, but it’s plain to see for those who do.
The case was brought on the basis of a European Community trademark on the term “.home”, applied for in December 2011, just a few weeks before ICANN opened the new gTLD application window, and a US trademark on “true.home” applied for a few months later.
The objector also owned dothome.net, one of many throwaway Go Daddy domain name resellers Roussos set up in late 2011 in order to assert prior rights to TLDs he planned to apply for.
The panelist saw through all the nonsense and rejected the objection due to lack of standing.
Here’s the money quote:
The attempted acquisition of trademark rights appears to have been undertaken to create a basis for filing the Objection, or defending an application. There appears to have been no attempt to acquire rights in or use any marks until after the New gTLD Program had been announced, specifically two weeks before the period to file applications for new gTLDs was to open.
For the EC trademark, lack of standing was found because Defender didn’t present any evidence that it actually owned the company, DotHome Ltd, that owned the trademark.
For the US trademark, which is still not registered, the panelist seems to have relied upon UDRP precedent covering rights in unregistered trademarks in his decision to find lack of standing.
The panelist also briefly addresses the Applicant Guidebook criteria for LROs, although it appears he was not obliged to, and found Defender’s arguments lacking.
In summary, it’s a sane decision that appears to show that you can’t secure a gTLD with subterfuge and bogosity.
It’s not looking good for the other eight objections Defender has filed.
Vipspace Enterprises’ .vip
This is another competitive objection, filed by one .vip applicant against another.
The objector in this case is German outfit I-Registry, which has applied for four gTLDs. The respondent is Vipspace, which has only applied for .vip.
In this case, both companies have applied for trademarks, one filed one month before the other.
The panelist’s decision focuses, sanely again, on the generic nature of the string in question.
Because both trademarks were filed for the word “VIP” meaning “Very Important Person”, which is the intended meaning of both applications, it’s hard to see how either is a proper brand.
The panelist wrote (pdf):
while SOAP, for example, may be a perfectly satisfactory trade mark for cars, it cannot serve as a trade mark for the cleaning product “soap”.
…
While the parties have used the term, “VIP”, in various forms on their website to indicate the manner in which the term will be used if they are successful in being awarded the domain, there is nothing before the Panel (beyond mere assertion) to show that either of them has yet traded under their marks sufficiently to displace the primary descriptive meaning of the term and establish a brand or at all.
In other words, it’s a second case of a WIPO panelist deciding that getting, or applying for, a trademark is not enough to grant a company exclusive rights to a new gTLD string.
Sanity, again, prevails.
SC Johnson’s .rightathome
While it contains the word “home”, this is a completely unrelated case with a different objector and a different panelist.
The objector here was Right At Home, a Nebraska-based international provider of in-home elderly care services. The applicant is a subsidiary of the well-known cosmetics company SC Johnson, which uses “Right@Home” as a brand.
It appears that both objector and applicant have really good rights to the string in question, which makes the panelist’s decision all the more interesting.
The way the LRO is described in ICANN’s new gTLD Applicant Guidebook, there are eight criteria that must be weighed by the panelist.
In this case, the panelist does not provide a conclusion showing how the weighting was done, but rather discusses each point in turn and decides whether the evidence favors the objector or the applicant.
The applicant here won on five out of the eight criteria.
The fact that the two companies offer different products and/or services, accompanied by the fact that the phrase “Right At Home” is in use by other companies in addition to the complainant and respondent appears to have been critical in tipping the balance.
In short, the panelist appears to have decided (pdf) that because SC Johnson did not apply for .rightathome in bad faith, and because it’s unlikely internet users will think the gTLD belongs to Right At Home, the objection should be rejected.
I am not a lawyer, but it appears that the key takeaway from this case is that owning a legitimately obtained brand is not enough to win an LRO if you’re an objector and the new gTLD applicant operates in a different vertical.
This will worry many people.
Chehade joins Twitter
ICANN CEO Fadi Chehade now has his own Twitter account, the organization has confirmed.
Here he is, tweeting this morning:
Receive the best of our meeting in Durban sent directly to your email with the #myICANN platform. http://t.co/PRD7nBHPQw #ICANN47
— ICANN President (@icann_president) July 9, 2013
And here’s ICANN confirming it:
@DanielNegari @DomainIncite – Yes. That is Fadi's official twitter handle.
— ICANN (@ICANN) July 9, 2013
And here’s somebody who is definitely not Chehade, but is quite amusing anyway:
It's been a year since my selection as #ICANN CEO and I'm in a celebrating kind of mood. Anyone else need an engagement center?
— Shit Fadi Says (@ShitFadiSays) June 27, 2013
2013 RAA is illegal, says EU privacy watchdog
European privacy regulators have slammed the new 2013 Registrar Accreditation Agreement, saying it would be illegal for registrars based in the EU to comply with it.
The Article 29 Working Party, which comprises privacy regulators from the 27 European Union nations, had harsh words for the part of the contract that requires registrars to store data about registrants for two years after their domains expire.
In a letter (pdf) to ICANN last month, Article 29 states plainly that such provisions would be illegal in the EU:
The fact that these personal data can be useful for law enforcement does not legitimise the retention of these personal data after termination of the contract. Because there is no legal ground for the data processing, the proposed data retention requirement violates data protection law in Europe.
The 2013 RAA allows any registrar to opt out of the data retention provisions if it can prove that to comply would be illegal its own jurisdiction.
The Article 29 letter has been sent to act as blanket proof of this for all EU-based registrars, but it’s not yet clear if ICANN will treat it as such.
The letter goes on to sharply criticize ICANN for allowing itself to be used by governments (and big copyright interests) to circumvent their own legislative processes. It says:
The fact that these data may be useful for law enforcement (including copyright enforcement by private parties) does not equal a necessity to retain these data after termination of the contract.
…
the Working Party reiterates its strong objection to the introduction of data retention by means of a contract issued by a private corporation in order to facilitate (public) law enforcement.
If there is a pressing social need for specific collections of personal data to be available for law enforcement, and the proposed data retention is proportionate to the legitimate aim pursued, it is up to national governments to introduce legislation
So why is ICANN trying to get many of its registrars to break the law?
While it’s tempting to follow the Article 29 WP’s reasoning and blame law enforcement agencies and the Governmental Advisory Committee, which pushed for the new RAA to be created in the first place, the illegal data retention provisions appear to be entirely ICANN’s handiwork.
The original law enforcement demands (pdf) say registrars should “securely collect and store” data about registrants, but there’s no mention of the period for which it should be stored.
And while the GAC has expressly supported the LEA recommendations since 2010, it has always said that ICANN should comply with privacy laws in their implementation.
The GAC does not appear to have added any of its own recommendations relating to data retention.
ICANN can’t claim it was unaware that the new RAA might be illegal for some registrars either. The Article 29 WP told it so last September, causing ICANN to introduce the idea of exemptions.
However, the European Commission’s GAC representative then seemed to dismiss the WP’s concerns during ICANN’s public meeting in Toronto last October.
Perhaps ICANN was justifiably confused by these mixed messages.
According to Michele Neylon, chair of the Registrars Stakeholder Group, it has yet to respond to European registrars’ inquiries about the Article 29 letter, which was sent June 6.
“We hope that ICANN staff will take the letter into consideration, as it is clear that the data protection authorities do not want create extra work either for themselves or for registrars,” Neylon said.
“For European registrars, and non-European registrars with a customer base in the EU, we look forward to ICANN staff providing us with clarity on how we can deal with this matter and respect EU and national law,” he said.
Geo gTLD bidders propose new constituency
Applicants for geographic gTLDs voted unanimously to form a new ICANN constituency last week.
According to minutes of a meeting hosted by .london applicant London & Partners in London last Thursday, 20 applicants voted in favor of a constituency and nobody voted for the alternatives.
Not every geo was in attendance, however. Twenty votes represents less than a third of the overall geographic gTLD applicant base.
A new constituency would likely join registries and registrars in the Contracted Parties House of the Generic Name Supporting Organization.
A constituency for dot-brand applicants, the Brand Registry Group, is also currently being formed.
Recent Comments